package tech.wangpai.security.server;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.social.security.SpringSocialConfigurer;

import tech.wangpai.security.app.authentication.openid.OpenIdAuthenticationSecurityConfig;
import tech.wangpai.security.core.authentication.FormAuthenticationConfig;
import tech.wangpai.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import tech.wangpai.security.core.authorize.AuthorizeConfigManager;
import tech.wangpai.security.core.validate.code.ValidateCodeSecurityConfig;

/**
 * 资源服务器配置
 */
@Configuration
@EnableResourceServer
public class WangpaiResourceServerConfig extends ResourceServerConfigurerAdapter {

    protected final AuthenticationSuccessHandler authenticationSuccessHandler;

    protected final AuthenticationFailureHandler authenticationFailureHandler;

    private final SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

    private final OpenIdAuthenticationSecurityConfig openIdAuthenticationSecurityConfig;

    private final ValidateCodeSecurityConfig validateCodeSecurityConfig;

    private final SpringSocialConfigurer imoocSocialSecurityConfig;

    private final AuthorizeConfigManager authorizeConfigManager;

    private final FormAuthenticationConfig formAuthenticationConfig;

    public WangpaiResourceServerConfig(AuthenticationSuccessHandler authenticationSuccessHandler, AuthenticationFailureHandler authenticationFailureHandler, SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig, OpenIdAuthenticationSecurityConfig openIdAuthenticationSecurityConfig, ValidateCodeSecurityConfig validateCodeSecurityConfig, SpringSocialConfigurer imoocSocialSecurityConfig, AuthorizeConfigManager authorizeConfigManager, FormAuthenticationConfig formAuthenticationConfig) {
        this.authenticationSuccessHandler = authenticationSuccessHandler;
        this.authenticationFailureHandler = authenticationFailureHandler;
        this.smsCodeAuthenticationSecurityConfig = smsCodeAuthenticationSecurityConfig;
        this.openIdAuthenticationSecurityConfig = openIdAuthenticationSecurityConfig;
        this.validateCodeSecurityConfig = validateCodeSecurityConfig;
        this.imoocSocialSecurityConfig = imoocSocialSecurityConfig;
        this.authorizeConfigManager = authorizeConfigManager;
        this.formAuthenticationConfig = formAuthenticationConfig;
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {

        formAuthenticationConfig.configure(http);

        http.apply(validateCodeSecurityConfig)
                .and()
                .apply(smsCodeAuthenticationSecurityConfig)
                .and()
                .apply(imoocSocialSecurityConfig)
                .and()
                .apply(openIdAuthenticationSecurityConfig)
                .and()
                .csrf().disable();

        authorizeConfigManager.config(http.authorizeRequests());
    }

}